Cybersecurity—Separating Fact From Fiction

In the maritime world cyber risks conflate with vessel safety, making a multifaceted response essential, Inmarsat senior VP for safety and security Peter Broadhurst told us.

NE e-mag: How many of today’s ships have always-on internet access?

Peter Broadhurst: About 30,000 vessels globally have some sort of access to always-on internet via satellite. At the same time, a mix of increasingly sophisticated equipment—from electronic navigation systems to computer-controlled engines—is finding its way aboard modern tonnage. This means ships can no longer be considered protected by an “air-gap” from cyber threats.

NE e-mag: What is Inmarsat doing to provide the multifaceted response you see as essential?

Peter Broadhurst: Inmarsat is preparing to launch the industry’s first fully-managed unified threat management [UTM] service. And we are separating fact from fiction.

NE e-mag: Can you give us some details?

Peter Broadhurst: I think there are cyber companies that have made their mark with financial institutions and are looking to other verticals. Superficially, they can make an impression by predicting doom and gloom for shipping. Inmarsat, by contrast, is drawing on 38 years of maritime experience, as well as a long track record as a supplier for government and defense clients, to concentrate on where threats are really going to come from. It is time to introduce maturity into maritime security. The threats faced by ships demand a response to technical, operational, training and insurance needs.

NE e-mag: Many in the maritime sector still think the risk of premeditated cyber attacks on shipping is low. How do you respond to that?

Peter Broadhurst: Things are changing fast. Mobile connectivity brings ships into the Internet of Things, especially following last year’s launch of Inmarsat Fleet Xpress. That hybrid Ka-band/L-band service redefines what is possible in maritime communications, offering consistent, higher bandwidth communications and always-on capability. But freedom to roam the web is as open to fraudsters as it is to legitimate users.

To emphasize how important we see it, Inmarsat has ring-fenced maritime security as a dedicated area of expertise within safety services. We have a team of nine cyber specialists.

NE e-mag: Are you working with others to develop the system?

Peter Broadhurst: Yes. We have a strategic alliance with Singtel to utilize capability available through the Singaporean telecoms company’s Trustwave subsidiary. Shipboard tests of a maritime UTM system from Inmarsat are currently under way and the full launch is envisaged later in 2017.

“Ships can no longer be considered protected by an ‘air-gap’ from cyber threats.”

Inmarsat is also supporting a joint working group set up by the International Association of Classification Societies to formulate a set of recommendations focused on cybersecurity.

This year, too, has seen the launch of the Be Cyber Aware at Sea campaign by UK-based maritime cybersecurity specialist JWC International, which we are actively supporting. It has also attracted support from The Standard Club, North P&I Club, and insurance broker Integro.

NE e-mag: Can you reveal the name and details of the system you are developing?

Peter Broadhurst: Not yet. But I can say it will be an end-to-end cybersecurity solution that not only includes a technical answer to report and prevent attacks or malware on a ship, but also offers a program of awareness, risk assessments and the training that drives best practice procedures.